buffer-overflow

buffer overflow example from Art of Exploitation book

ぃ、小莉子 submitted on 2019-11-27 12:56:39
I was reading this book Art of Exploitation, which is kind of a good book, and I ran across this example from the exploit_notesearch.c file. Briefly, the author tries to overflow the program from notesearch.c:

    int main(int argc, char *argv[]) {
        int userid, printing=1, fd;
        char searchstring[100];
        if(argc > 1)                 // If there is an arg
            strcpy(searchstring, argv[1]);
        else                         // otherwise,
            searchstring[0] = 0;

The argument of the main function is copied to the searchstring array, and if the argument is bigger than 100 bytes it will overflow the return address from the main function. The author prepares the shellcode in
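
As an added example (not code from the book or from the post above), here is the same argument handling with the copy bounded, next to the vulnerable shape for comparison. The 100-byte buffer and the argc check come from the fragment; SEARCH_MAX, strcpy_overrun, copy_bounded and notesearch_args are names chosen here.

```c
#include <stddef.h>
#include <string.h>

#define SEARCH_MAX 100

/* Same shape as the notesearch.c fragment: argv[1] goes into a fixed
 * 100-byte stack buffer through strcpy(), which stops only at the NUL.
 * An argument of 100 bytes or more runs past searchstring into whatever
 * the compiler placed above it (other locals, saved registers, and the
 * return address). Kept for reference only; nothing below calls it. */
void vulnerable_copy(const char *arg)
{
    char searchstring[SEARCH_MAX];
    strcpy(searchstring, arg);          /* unbounded copy: the bug */
    (void)searchstring;
}

/* Bytes that strcpy() of an arglen-character argument writes past the end
 * of a bufsz-byte buffer (the NUL terminator is written too). 0 = no overrun. */
size_t strcpy_overrun(size_t arglen, size_t bufsz)
{
    size_t written = arglen + 1;
    return written > bufsz ? written - bufsz : 0;
}

/* Hardened replacement: refuse input that does not fit instead of
 * truncating silently (silent truncation can change what later parsing
 * sees). Never reads src beyond dstsz bytes, so an unterminated src is
 * safe too. Returns 0 on success, -1 if src needs more than dstsz bytes. */
int copy_bounded(char *dst, size_t dstsz, const char *src)
{
    size_t n = 0;
    while (n < dstsz && src[n] != '\0')
        n++;
    if (n == dstsz)                     /* no room left for the terminator */
        return -1;
    memcpy(dst, src, n + 1);
    return 0;
}

/* The argument handling from main() in the fragment, on top of
 * copy_bounded(). Returns 0 when argv[1] was accepted, 1 when there was no
 * argument (empty search string), -1 when argv[1] was rejected as too long. */
int notesearch_args(int argc, char *argv[], char *out, size_t outsz)
{
    if (argc > 1)
        return copy_bounded(out, outsz, argv[1]);
    out[0] = '\0';
    return 1;
}
```

strcpy_overrun() only counts bytes past the end of the array; what lies between the end of searchstring and the saved return address depends on the compiler's frame layout, so that count is a lower bound on what an argument needs to reach the return address, not the exact distance.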

Stack Overflow Exploit in C

生来就可爱ヽ(ⅴ<●) submitted on 2019-11-27 11:49:29
Question: The question is actually about stack overflows in C. I have an assignment that I cannot get done for the life of me; I've looked at everything in gdb and I just can't figure it out. The question is the following:

    int i, n;

    void confused() {
        printf("who called me");
        exit(0);
    }

    void shell_call(char *c) {
        printf(" ***Now calling \"%s\" shell command *** \n", c);
        system(c);
        exit(0);
    }

    void victim_func() {
        int a[4];
        printf("[8]:%x\n", &a[8]);
        printf("Enter n: ");
        scanf("%d", &n);
        printf("Enter %d HEX

Why does this for loop exit on some platforms and not on others?

自作多情 submitted on 2019-11-27 08:57:58
Question: I have recently started to learn C and I am taking a class with C as the subject. I'm currently playing around with loops and I'm running into some odd behaviour which I don't know how to explain.

    #include <stdio.h>

    int main() {
        int array[10], i;
        for (i = 0; i <= 10; i++) {
            array[i] = 0; /* code should never terminate */
            printf("test \n");
        }
        printf("%d \n", sizeof(array) / sizeof(int));
        return 0;
    }

On my laptop running Ubuntu 14.04, this code does not break. It runs to completion. On my school's
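
An added example (mine, not the poster's program or anything the course supplied) that pins down the layout the question turns on. C makes no promise about where i sits relative to array, so one compiler may put i directly after the array and another may not; the struct below fixes the first layout so the effect of the stray store can be replayed without undefined behaviour. struct locals, stray_store_offset, counter_after_stray_store, zero_fill_checked and fill_ten are names chosen here.

```c
#include <stddef.h>
#include <string.h>

/* The two locals from the question, pinned next to each other so the
 * layout is fixed instead of left to the compiler. With 4-byte ints and
 * no padding, the non-existent element array[10] has the same address as
 * i: the stray store array[10] = 0 overwrites the loop counter. */
struct locals {
    int array[10];
    int i;
};

/* Where the off-by-one store lands, and where the counter lives. */
size_t stray_store_offset(void)
{
    return offsetof(struct locals, array) + 10 * sizeof(int);
}

size_t counter_offset(void)
{
    return offsetof(struct locals, i);
}

/* Replays the last iteration of the loop on that layout. The store goes
 * through memcpy into the enclosing struct object, which is well defined,
 * instead of indexing array[10]. Returns the value of i afterwards: 0 means
 * the counter was reset and the original loop would start over forever. */
int counter_after_stray_store(void)
{
    struct locals f;
    int zero = 0;
    memset(&f, 0, sizeof f);
    f.i = 10;                     /* the iteration that executes array[10] = 0 */
    memcpy((char *)&f + stray_store_offset(), &zero, sizeof zero);
    return f.i;
}

/* The fix: bound the loop by the element count and use '<', not '<='.
 * Returns the number of stores made. */
int zero_fill_checked(int *array, size_t n_elems)
{
    size_t i, stores = 0;
    for (i = 0; i < n_elems; i++) {
        array[i] = 0;
        stores++;
    }
    return (int)stores;
}

/* Usage as in the question, with the bound derived from the array itself
 * (sizeof array / sizeof array[0] is 10 here) so it cannot drift from the
 * declaration. */
int fill_ten(void)
{
    int array[10];
    return zero_fill_checked(array, sizeof array / sizeof array[0]);
}
```

With the other layout (i below the array, or padding and a stack canary between them) the same store hits something else, and the loop terminates, which is why the behaviour differs between machines rather than being a property of the code. Compiling with -fsanitize=address reports the out-of-bounds store on either layout.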

Why is bounds checking not implemented in some of the languages?

限于喜欢 submitted on 2019-11-27 08:06:59
Question: According to Wikipedia (http://en.wikipedia.org/wiki/Buffer_overflow): "Programming languages commonly associated with buffer overflows include C and C++, which provide no built-in protection against accessing or overwriting data in any part of memory and do not automatically check that data written to an array (the built-in buffer type) is within the boundaries of that array. Bounds checking can prevent buffer overflows." So, why is 'bounds checking' not implemented in some of the

Why is the fgets function deprecated?

折月煮酒 submitted on 2019-11-27 07:43:14
From The GNU C Programming Tutorial: The fgets ("file get string") function is similar to the gets function. This function is deprecated -- that means it is obsolete and it is strongly suggested you do not use it -- because it is dangerous. It is dangerous because if the input data contains a null character, you can't tell. Don't use fgets unless you know the data cannot contain a null. Don't use it to read files edited by the user because, if the user inserts a null character, you should either handle it properly or print a clear error message. Always use getline or getdelim instead of fgets
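
The embedded-NUL problem the tutorial describes, as an added example (not code from the tutorial or the post). A constructed 9-byte line containing a NUL is written to a tmpfile() stream and read back with fgets() and with getline(), to show what each lets the caller see. sample_stream, fgets_visible_length, getline_byte_length and line_has_embedded_nul are names chosen here; getline() is POSIX.1-2008 (glibc), not ISO C.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed input: one line that carries an embedded NUL byte, the way a
 * user-edited file might. 9 bytes on disk, newline included. */
static const unsigned char SAMPLE_LINE[] = { 'k', 'e', 'y', '\0', '=', 'v', 'a', 'l', '\n' };

/* Writes SAMPLE_LINE into an anonymous temporary file and rewinds it, so
 * the readers below operate on a real stdio stream. Caller closes it. */
static FILE *sample_stream(void)
{
    FILE *fp = tmpfile();
    if (fp == NULL)
        return NULL;
    if (fwrite(SAMPLE_LINE, 1, sizeof SAMPLE_LINE, fp) != sizeof SAMPLE_LINE) {
        fclose(fp);
        return NULL;
    }
    rewind(fp);
    return fp;
}

/* What fgets() lets the caller see: it returns only the buffer pointer, so
 * strlen() is the only length available, and strlen() stops at the embedded
 * NUL. The "=val" part is silently lost. Returns -1 on I/O failure. */
long fgets_visible_length(void)
{
    char buf[64];
    FILE *fp = sample_stream();
    if (fp == NULL)
        return -1;
    if (fgets(buf, sizeof buf, fp) == NULL) {
        fclose(fp);
        return -1;
    }
    fclose(fp);
    return (long)strlen(buf);
}

/* What getline() lets the caller see: the byte count comes back as the
 * return value, independent of NULs, so the embedded NUL can be detected
 * by comparing it with strlen(). Returns the byte count, or -1 on failure. */
long getline_byte_length(void)
{
    char *line = NULL;
    size_t cap = 0;
    long n;
    FILE *fp = sample_stream();
    if (fp == NULL)
        return -1;
    n = (long)getline(&line, &cap, fp);
    fclose(fp);
    free(line);
    return n;
}

/* The check the tutorial asks for: a line whose byte count disagrees with
 * its string length contains a NUL. Returns 1 if an embedded NUL is present. */
int line_has_embedded_nul(const char *line, size_t nbytes)
{
    return strlen(line) != nbytes;
}
```

The difference is not that fgets() reads fewer bytes (it copies the whole 9-byte line into buf); it is that fgets() gives no way to learn how many it copied. getline() and getdelim() return that count, which is all line_has_embedded_nul() needs.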

Malloc segmentation fault

生来就可爱ヽ(ⅴ<●) submitted on 2019-11-27 06:50:37
Question: Here is the piece of code in which the segmentation fault occurs (the perror is not being called):

    job = malloc(sizeof(task_t));
    if(job == NULL)
        perror("malloc");

To be more precise, gdb says that the segfault happens inside an __int_malloc call, which is a sub-routine call made by malloc. Since the malloc function is called in parallel with other threads, initially I thought that it could be the problem. I was using version 2.19 of glibc. The data structures: typedef struct rv_thread thread
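
An added example (not the poster's code; task_t is stood in for by an assumed struct task) of the mechanism behind a crash inside __int_malloc: the allocator keeps each chunk's size header directly in front of the next block, so a write that runs past one allocation corrupts that header, and the fault appears later, in a malloc() that walks the damaged metadata, far from the buggy write. The debug allocator below puts a guard pattern after every block and checks it on free, so the overrun is reported against the block that was overrun. guarded_malloc, guarded_intact, guarded_free and fill_task_scenario are names chosen here.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Guard pattern placed after the caller's bytes. A much reduced version of
 * what valgrind and AddressSanitizer do with red zones. */
#define GUARD_LEN 8
static const unsigned char GUARD[GUARD_LEN] = { 0xDE, 0xAD, 0xBE, 0xEF, 0x0B, 0xAD, 0xF0, 0x0D };

struct guard_hdr {
    size_t size;        /* caller's requested size */
    size_t pad;         /* keeps the returned pointer 16-byte aligned */
};

void *guarded_malloc(size_t size)
{
    struct guard_hdr *h = malloc(sizeof *h + size + GUARD_LEN);
    unsigned char *user;
    if (h == NULL)
        return NULL;
    h->size = size;
    h->pad = 0;
    user = (unsigned char *)(h + 1);
    memcpy(user + size, GUARD, GUARD_LEN);
    return user;
}

/* 1 if the guard after the block is intact, 0 if something wrote past it. */
int guarded_intact(const void *p)
{
    const struct guard_hdr *h = (const struct guard_hdr *)p - 1;
    const unsigned char *user = p;
    return memcmp(user + h->size, GUARD, GUARD_LEN) == 0;
}

/* Frees the block; returns 0 when it was clean, -1 when the guard was
 * damaged (the block is freed either way; a real tool would abort here). */
int guarded_free(void *p)
{
    int intact;
    if (p == NULL)
        return 0;
    intact = guarded_intact(p);
    free((struct guard_hdr *)p - 1);
    return intact ? 0 : -1;
}

/* The question's shape: a task structure is allocated and then filled.
 * 'extra' bytes beyond the structure stand in for the bug (0 = correct
 * code). The overrun stays inside the guard, so it is well defined here;
 * with plain malloc() the same bytes would land on the next chunk header.
 * Returns guarded_free()'s verdict, or 1 if allocation failed. */
int fill_task_scenario(size_t extra)
{
    struct task { int id; int prio; char name[16]; };   /* assumed stand-in for task_t */
    struct task *job = guarded_malloc(sizeof *job);
    if (job == NULL)
        return 1;
    if (extra > GUARD_LEN)
        extra = GUARD_LEN;          /* keep the demo inside our own allocation */
    memset(job, 0, sizeof *job + extra);
    return guarded_free(job);
}
```

Threads are a red herring for this symptom in glibc 2.19: malloc() is thread-safe there. A fault inside __int_malloc with a sane-looking call site almost always means heap metadata was corrupted earlier, by exactly the kind of write fill_task_scenario(1) makes; running the program under valgrind or with -fsanitize=address attributes it to the offending write rather than to the later malloc().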

What C/C++ tools can check for buffer overflows? [closed]

情到浓时终转凉″ submitted on 2019-11-27 05:22:33
Question: I've been asked to maintain a large C++ codebase full of memory leaks. While poking around, I found out that we have a lot of buffer overflows that lead to the leaks (how it got this bad, I don't ever want to know). I've decided to remove the buffer overflows first. To make my bug-hunting easier, what tools can be used to check for buffer overruns? Answer 1: On Linux I'd use Valgrind. Answer 2: Consider using more modern data structures as a way of avoiding buffer overflows. Reading into a std:

What is a buffer overflow and how do I cause one?

一个人想着一个人 submitted on 2019-11-27 03:24:29
I have heard about a buffer overflow and I would like to know how to cause one. Can someone show me a small buffer overflow example? (And what are they used for?) David Dean: A buffer overflow is basically when a crafted section (or buffer) of memory is written outside of its intended bounds. If an attacker can manage to make this happen from outside of a program it can cause security problems, as it could potentially allow them to manipulate arbitrary memory locations, although many modern operating systems protect against the worst cases of this. While both reading and writing outside of

Why does this memory address %fs:0x28 ( fs[0x28] ) have a random value?

混江龙づ霸主 submitted on 2019-11-27 00:23:15
Question: I've written a piece of C code and I've disassembled it as well as read the registers to understand how the program works in assembly.

    int test(char *this){
        char sum_buf[6];
        strncpy(sum_buf,this,32);
        return 0;
    }

The piece of my code that I've been examining is the test function. When I disassemble the output of my test function I get:

    ...
    0x00000000004005c0 <+12>: mov %fs:0x28,%rax
    => 0x00000000004005c9 <+21>: mov %rax,-0x8(%rbp)
    ... stuff ..
    0x00000000004005f0 <+60>: xor %fs:0x28,%rdx
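
An added example (mine, not the poster's program) that shows where the value at %fs:0x28 comes from and why it is random. On x86-64 Linux with glibc, %fs points at the thread control block and offset 0x28 is its stack_guard field; the loader fills it at startup from the 16 random bytes the kernel passes in the auxiliary vector (AT_RANDOM), keeping the first 8 and clearing the lowest byte. The code reads the slot the way the prologue at <+12> does and recomputes the value from AT_RANDOM. It assumes x86-64, Linux and glibc 2.16 or later (for getauxval()); on any other target the helpers return 0 and report the platform as unsupported. canary_supported, read_fs_canary, canary_from_auxv, canary_matches_auxv and canary_bytes_before_nul are names chosen here.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#if defined(__x86_64__) && defined(__linux__) && defined(__GLIBC__)
#include <sys/auxv.h>
#define HAVE_FS_CANARY 1
#else
#define HAVE_FS_CANARY 0
#endif

int canary_supported(void)
{
    return HAVE_FS_CANARY;
}

/* Reads the slot the prologue reads: on x86-64 glibc, %fs is the thread
 * control block and 0x28 is the offset of its stack_guard field. */
uint64_t read_fs_canary(void)
{
#if HAVE_FS_CANARY
    uint64_t v;
    __asm__ volatile ("movq %%fs:0x28, %0" : "=r"(v));
    return v;
#else
    return 0;
#endif
}

/* Where the random value comes from: the kernel hands every process 16
 * random bytes in the auxiliary vector (AT_RANDOM). At startup glibc copies
 * the first sizeof(uintptr_t) of them into stack_guard and clears the
 * lowest byte. This recomputes that from the same source. */
uint64_t canary_from_auxv(void)
{
#if HAVE_FS_CANARY
    const unsigned char *rnd = (const unsigned char *)getauxval(AT_RANDOM);
    uint64_t v;
    if (rnd == NULL)
        return 0;
    memcpy(&v, rnd, sizeof v);
    return v & ~(uint64_t)0xFF;
#else
    return 0;
#endif
}

/* 1 when the live canary is non-zero, has a zero low byte, and equals the
 * AT_RANDOM derivation; also 1 on platforms where nothing is checked. */
int canary_matches_auxv(void)
{
    uint64_t c;
    if (!canary_supported())
        return 1;
    c = read_fs_canary();
    return c != 0 && (c & 0xFF) == 0 && c == canary_from_auxv();
}

/* Why the low byte is zero: in memory (little-endian) it is the canary's
 * first byte, so NUL-terminated string handling stops right there. A
 * strcpy()-style overflow therefore cannot write the correct canary back,
 * and a puts()/strlen()-style read stops before revealing it. Counts the
 * canary bytes such a routine would see starting at the canary: 0. */
size_t canary_bytes_before_nul(void)
{
    uint64_t c = read_fs_canary();
    unsigned char b[sizeof c];
    size_t n = 0;
    memcpy(b, &c, sizeof c);
    while (n < sizeof c && b[n] != 0)
        n++;
    return n;
}
```

The mov at <+21> stores this value below the saved frame pointer, and the xor at <+60> compares it again before the function returns; the strncpy() in test(), with a 32-byte bound into a 6-byte sum_buf, is exactly the kind of write that lands on it, which is why the compiler emitted the check. The value differs on every run because AT_RANDOM differs on every run.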

What is the difference between a stack overflow and buffer overflow?

社会主义新天地 submitted on 2019-11-26 23:54:25
Question: What is the difference between a stack overflow and a buffer overflow in programming? Answer 1: Stack overflow refers specifically to the case when the execution stack grows beyond the memory that is reserved for it. For example, if you call a function which recursively calls itself without termination, you will cause a stack overflow, as each function call creates a new stack frame and the stack will eventually consume more memory than is reserved for it. Buffer overflow refers to any case in which a